i got the netstat log
the log says 6 TCP
in local adress
all have status TIME_WAIT
what is that?
can some one give me a brief and quick tutorial?
when should i be worried?
Thank you!
2007-06-04 23:57:19 · 4 answers · asked by Anonymous in Computers & Internet ➔ Security
Netstat is a little utility that many administrators use to monitor the network connections on their servers. It is quite useful for tracking down that small subset of performance bottlenecks that aren't attributable to yet another piece of convoluted application code that some careless programmer wrote and now you have to take care of. But I digress.
When you run netstat on your busy IIS box, you might get something that looks like this:
C:\>netstat -np tcp
Active Connections
Proto Local Address Foreign Address State
TCP 192.168.0.1:80 192.168.0.12:1217 ESTABLISHED
TCP 192.168.0.1:80 192.168.0.5:1218 TIME_WAIT
TCP 192.168.0.1:80 192.168.0.234:1252 TIME_WAIT
TCP 192.168.0.1:80 192.168.0.37:1267 ESTABLISHED
TCP 192.168.0.1:80 192.168.0.23:1298 TIME_WAIT
TCP 192.168.0.1:80 192.168.0.32:1345 TIME_WAIT
And so on and on, for many, many lines. Each line here represents a connection between a TCP socket your server and a matching one on some other machine--usually an HTTP client such as a browser or proxy server, but depending on your architecture you might also see connections to other kinds of servers (database, application, directory, etc.). Each connection has a unique combination of IP addresses and port numbers that identify the endpoints to which the sockets are bound. More to the point, each one also has a state indicator. As connections are set up used and torn down, they pass through a variety of these states, most of which aren't shown here, because they come and go quite quickly).
The connections in the ESTABLISHED state are, well, established--they are neither being set up nor torn down but just used. This is what you will often see the most of. But what about the others? On a busy HTTP server, the number of sockets in this TIME_WAIT state can far exceed those in the ESTABLISHED state. For instance, I checked an IIS 6.0 box that serves a fairly busy corporate site earlier today and got 124 ESTABLISHED connections versus 431 in TIME_WAIT.
Its actually slightly complicated, but most certainly you will find what yuor looking for at the source
2007-06-05 00:04:38 · answer #1 · answered by Anonymous · 0⤊ 0⤋
There are two things in this one is time_wait and the another is established. Time_wait shows that the connection between your computer and the website which you opened is not done yet. and the another one shows that the connection is established.
2007-06-05 00:04:23 · answer #2 · answered by cool guy 2 · 0⤊ 0⤋
In Netstat, click on the Help TAB.
2007-06-04 23:59:53 · answer #3 · answered by ELfaGeek 7 · 0⤊ 0⤋
once you're there interior the Command on the spot, type netstat /? this could checklist all your available instructions which are available in and the thank you to type them out. i'm hoping this helps, stable success
2016-11-26 00:20:33 · answer #4 · answered by parise 4 · 0⤊ 0⤋